Search form

menu-bar

worm

There has been a lot of media coverage and discussion of the Stuxnet malware, and its impact on industrial control system (ICS) and SCADA security. We are one of the groups guilty of creating a Stuxnet publishing industry.

I have just come back from three very interesting presentations by Symantec, Microsoft and Kaspersky Labs at the Virus Bulletin 2010 conference. For two hours they discussed their latest findings on Stuxnet, the PLC/SCADA-targeting worm of the decade.

If you have been reading the various advisories on the Stuxnet malware, you would be forgiven for thinking that only computers running relatively new versions of the Windows systems are vulnerable to this worm. For example, the Siemens Stuxnet advisory states; “The virus affects operating systems from XP and higher.” Does that mean if I am running Windows 2000 servers I am immune?

Unfortunately, the answer is NO! Based on our testing, all versions of Windows are vulnerable to Stuxnet, regardless of age.